• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech Guide
  • Home Improvement
  • Gadget & Apps
  • Deals
  • News

Hackers using malicious Word documents to steal money from businesses

By Guest Authors

Hackers like to manipulate legitimate software tools and applications to carry out their malicious activities, and Microsoft Word becomes the latest program used by the bad actors to spread file-encrypting malware and/or Trojan to steal money from businesses.

Security researchers have discovered a new scheme by hackers in which they disguise a specially created Word document developed from the Microsoft Word Intruder exploit tool in order to penetrate the Word ecosystem and create an opening for malware.

Once a user opens the attachment in an email – a typical attack vector employed by hackers – the malware will start to infect the victim’s computer. Security experts warn against opening attachments contained in an email sent by an unknown person or an organization that purports itself to be, say, a charitable group or a lottery or a well-known financial services firm offering its products to you.

malicious-word

More specifically, the Hawkeye attack has targeted many individuals, usually employees in a company. The attack has so far stolen hundreds of thousands of dollars from business. The malware works to crash computer systems with unpatched problems by developing or purchasing a Word document. The Word file also contains various types of viruses, and it depends on the hacker what kind of virus to install in the system of the victim. According to the researchers who spotted the attack scheme, Hawkeye contains a keylogger.

Since the target is the business sector, the hackers would spread the malicious Word file to different employees in many companies, usually those who work in the finance department. The hackers will state in the seemingly legitimate email that they are sending a quote request or order. Typically, emails like this will be welcomed for the prospect of a business deal.

The keylogger works by installing itself when the employee opens the Word document, without the victim knowing it. Once installed, the keylogger then keeps track of an employee’s corporate email username and password and uses the stolen data to log in to the corporate email account. The hackers would use the privilege to send another email message to a client claiming that the bank account number for the payment has been replaced, which is actually the bank account of the hackers.

According to the security researchers, the payout for this sort of attack could reach more than $1 million, so although there are few incidents involving such a scheme, the high-value payout still makes it a big deal. Again, the best way to counter this is not to open unsolicited email.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Footer

Sanlaki vs SolidSlime VR Adapter for Eleven Table Tennis on Meta Quest 3

OptiSolex 400W Portable SolarBag Kit Review

MechLands M75 75% Wired-mode Hall Effect Keyboard Review

OneOdio Studio Max 1 DJ Wireless Headphones Review – Ultra-Low Latency Wireless Audio for DJs

Follow TechWalls

YoutubeFacebookXInstagram

Recent Posts

  • Sanlaki vs SolidSlime VR Adapter for Eleven Table Tennis on Meta Quest 3
  • Mother’s Day Deals: pexar Digital Picture Frames on Sale in May
  • Is Roasting Your Own Coffee Cheaper Than Buying Fresh Beans?
  • Wuben G5 EDC Mini Flashlight: A Compact Powerhouse for Everyday Carry

Copyright © 2025 · All Rights Reserved